On HAProxy, Wireshark and tcpdump
__TOC__ HAProxy * http://www.haproxy.org/ * Desc. : a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications * License: * Written in: * Sources: References * HAProxy official documentation * 1.8 ** HAProxy Starter Guide ** HAProxy Configuration Manual *** Global parameters *** Proxy configuration *** Bind and server options *** ACL basics *** Fetching samples ** HAProxy Management Guide *** Starting HAProxy *** Stopping and restarting HAProxy * TLS termination proxy * SSL forward proxy * SSL pass-through proxy * What HAProxy is and isn't ** It will not see IP packets nor UDP datagrams, will not perform NAT or even less DSR (direct server return, without passing through the LB again) Proxy Keywords * Proxy keywords matrix Bind options * Bind options Sample Fetch Methods * Fetching samples at Layer 4 : TCP/IP * Fetching samples at Layer 5 : SSL * Fetching samples at Layer 6 : * Fetching samples at Layer 7 : HTTP Readings * [https://www.nginx.com/resources/glossary/reverse-proxy-vs-load-balancer/ What is a Reverse Proxy vs. Load Balancer?] * Forward Proxy vs Reverse Proxy(Aug 06, 2012) * What’s New in HAProxy 1.8(Nov 1, 2017) * Install and Configure HAProxy Load Balancer on Ubuntu 16.04 (Feb 06, 2017) * An Introduction to HAProxy and Load Balancing Concepts (May 13, 2014) * Running HAProxy ** haproxy -f /etc/haproxy.cfg * Rewriting HTTP Requests, Methods, or Headers Reverse Proxy * Using HAproxy as a reverse proxy * HAProxy TCP Reverse Proxy Setup Guide (SSL/TLS Passthrough Proxy) SSL * SSL offloading impact on web applications (Feb 26, 2013) ** SSL offloading SSL acceleration * How To Implement SSL Termination With HAProxy on Ubuntu 14.04 (July 10, 2014) * SSL Client certificate management at application level (Oct 3, 2012) * Handling SSL/TLS * Client Certificate Authentication with HAProxy (August 15, 2017) * SSL Client certificate information in HTTP headers and logs ( Jun 13, 2013) * Pass-through SSL with HAProxy (Feb 8, 2015) * HPKP: HTTP Public Key Pinning with HAProxy(2015-01-27) * HAProxy and HTTP Strict Transport Security (HSTS) header in HTTP redirects (Jun 9, 2015) WebSockets * Websockets load-balancing with HAProxy (Nov 7, 2012) Load Balancer * AWS : LOAD BALANCING WITH HAPROXY (HIGH AVAILABILITY PROXY) * [https://serversforhackers.com/c/load-balancing-with-haproxy Load Balancing with HAProxy] (JULY 15, 2014) * Using HAPROXY as an SSL gateway(January 28th, 2014) * Enhanced SSL load-balancing with Server Name Indication (SNI) TLS extension (Apr 13, 2012) Wireshark * http://www.wireshark.org/ * Desc. : lets you capture and interactively browse the traffic running on a computer network. References * Wireshark User’s Guide ** Filtering while capturing ** [https://www.wireshark.org/docs/wsug_html_chunked/ChWorkBuildDisplayFilterSection.html Building display filter expressions] * CaptureFilters * DisplayFilters * [https://www.wireshark.org/docs/man-pages/wireshark-filter.html Wireshark filter syntax and reference] * Display Filter Reference Readings * How To Set Up a Capture * [https://wiki.wireshark.org/CaptureSetup/Loopback Loopback capture setup] * Wireshark basics 101: A simple concise tutorial for beginners (August 17, 2013) * How to Use Wireshark to Capture, Filter and Inspect Packets * Wireshark: A Guide to Color My Packets (1st July 2014) * Getting Started with Wireshark (11, 07, 2014) * Let me tell you about Wireshark 2.0 (November 6, 2015) * Wireshark Wiki / SSL * [https://osqa-ask.wireshark.org/questions/34075/why-wireshark-cannot-display-tlsssl Why wireshark cannot display TLS/SSL](23 Jun '14) ** Edit -> Preferences -> Protocols -> HTTP -> SSL/TLS Ports * Wireshark Wiki / WebSocket: websocket filter Tips and Tricks Typical display filters ip.src 192.168.1.31 and ip.addr 203.252.150.28 and http tcpdump * tcpdump homepage : a powerful command-line packet analyzer * tcpdump on Wikipedia * tcpdump manpage Options * 12 Tcpdump Commands – A Network Sniffer Tool (September 13, 2012) * Capture Packets with Tcpdump (2013-04-25) * Using tcpdump to see HTTP requests and responses (17 April, 2010) ** tcpdump -n -s0 -A -i eth0 tcp port 80 * How to filter tcpdump output based on packet length (Mar 26 '12) ** tcpdump -n -i eth0 -A -x tcp port 443 and greater 100 Filter Expression * [https://linux.die.net/man/7/pcap-filter pcap-filter man page] : explains filter expressions